what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 490 RSS Feed

Operating System: OpenBSD

OpenSSH 9.9p1
Posted Sep 20, 2024
Authored by Damien Miller | Site openssh.com

This is a Linux/portable port of OpenBSD's excellent OpenSSH. OpenSSH is based on the last free version of Tatu Ylonen's SSH with all patent-encumbered algorithms removed, all known security bugs fixed, new features reintroduced, and many other clean-ups.

Changes: ssh has removed support for pre-authentication compression. ssh and sshd changed processing of the arguments to the "Match" configuration directive to follow more shell-like rules for quoted strings.
tags | tool, encryption
systems | linux, unix, openbsd
SHA-256 | b343fbcdbff87f15b1986e6e15d6d4fc9a7d36066be6b7fb507087ba8f966c02
OpenSSH 9.8p1
Posted Jul 1, 2024
Authored by Damien Miller | Site openssh.com

This is a Linux/portable port of OpenBSD's excellent OpenSSH. OpenSSH is based on the last free version of Tatu Ylonen's SSH with all patent-encumbered algorithms removed, all known security bugs fixed, new features reintroduced, and many other clean-ups.

Changes: This release contains fixes for two security problems, one critical and one minor.
tags | tool, encryption
systems | linux, unix, openbsd
advisories | CVE-2024-6387
SHA-256 | dd8bd002a379b5d499dfb050dd1fa9af8029e80461f4bb6c523c49973f5a39f3
OpenSSH 9.7p1
Posted Mar 11, 2024
Authored by Damien Miller | Site openssh.com

This is a Linux/portable port of OpenBSD's excellent OpenSSH. OpenSSH is based on the last free version of Tatu Ylonen's SSH with all patent-encumbered algorithms removed, all known security bugs fixed, new features reintroduced, and many other clean-ups.

Changes: This release contains six bug fixes, a couple of improvements for portability, and a couple new features.
tags | tool, encryption
systems | linux, unix, openbsd
SHA-256 | 490426f766d82a2763fcacd8d83ea3d70798750c7bd2aff2e57dc5660f773ffd
OpenSSH 9.6p1
Posted Dec 21, 2023
Authored by Damien Miller | Site openssh.com

This is a Linux/portable port of OpenBSD's excellent OpenSSH. OpenSSH is based on the last free version of Tatu Ylonen's SSH with all patent-encumbered algorithms removed, all known security bugs fixed, new features reintroduced, and many other clean-ups.

Changes: This release contains fixes for a newly-discovered weakness in the SSH transport protocol, a logic error relating to constrained PKCS#11 keys in ssh-agent(1) and countermeasures for programs that invoke ssh(1) with user or hostnames containing invalid characters. Included are three security changes, five new features, nine bug fixes, and various other updates.
tags | tool, encryption
systems | linux, unix, openbsd
advisories | CVE-2023-38408
SHA-256 | 910211c07255a8c5ad654391b40ee59800710dd8119dd5362de09385aa7a777c
OpenSSH 9.5p1
Posted Oct 4, 2023
Authored by Damien Miller | Site openssh.com

This is a Linux/portable port of OpenBSD's excellent OpenSSH. OpenSSH is based on the last free version of Tatu Ylonen's SSH with all patent-encumbered algorithms removed, all known security bugs fixed, new features reintroduced, and many other clean-ups.

Changes: This release fixes a number of bugs and adds some small features.
tags | tool, encryption
systems | linux, unix, openbsd
SHA-256 | f026e7b79ba7fb540f75182af96dc8a8f1db395f922bbc9f6ca603672686086b
OpenSSH 9.4p1
Posted Aug 10, 2023
Authored by Damien Miller | Site openssh.com

This is a Linux/portable port of OpenBSD's excellent OpenSSH. OpenSSH is based on the last free version of Tatu Ylonen's SSH with all patent-encumbered algorithms removed, all known security bugs fixed, new features reintroduced, and many other clean-ups.

Changes: This release fixes a number of bugs and adds some small features.
tags | tool, encryption
systems | linux, unix, openbsd
SHA-256 | 3608fd9088db2163ceb3e600c85ab79d0de3d221e59192ea1923e23263866a85
OpenSSH 9.3p2
Posted Jul 19, 2023
Authored by Damien Miller | Site openssh.com

This is a Linux/portable port of OpenBSD's excellent OpenSSH. OpenSSH is based on the last free version of Tatu Ylonen's SSH with all patent-encumbered algorithms removed, all known security bugs fixed, new features reintroduced, and many other clean-ups.

Changes: Disallowed remote addition of FIDO/PKCS11 keys. Terminates pkcs11 process for bad libraries.
tags | tool, encryption
systems | linux, unix, openbsd
SHA-256 | 200ebe147f6cb3f101fd0cdf9e02442af7ddca298dffd9f456878e7ccac676e8
OpenBSD Kernel Relinking Issue
Posted Jun 19, 2023
Authored by C.W. Schech

The automatic and mandatory-by-default reordering of OpenBSD kernels is not transactional and as a result, a local unpatched exploit exists which allows tampering or replacement of the kernel. Arbitrary build artifacts are cyclically relinked with no data integrity or provenance being maintained or verified for the objects being consumed with respect to the running kernel before and during the execution of the mandatory kernel_reorder process in the supplied /etc/rc and /usr/libexec scripts. The reordering occurs at the end of installation process and also automatically every reboot cycle thereafter unless manually bypassed by a knowledgeable party.

tags | advisory, arbitrary, kernel, local
systems | openbsd
SHA-256 | 534646964f9d44726bd9728ee38202f8b55ff1b1f54a3ede253500cd6b4fd5e5
OpenSSH 9.3p1
Posted Mar 16, 2023
Authored by Damien Miller | Site openssh.com

This is a Linux/portable port of OpenBSD's excellent OpenSSH. OpenSSH is based on the last free version of Tatu Ylonen's SSH with all patent-encumbered algorithms removed, all known security bugs fixed, new features reintroduced, and many other clean-ups.

Changes: This release contains fixes for a security problem and a memory safety problem. The memory safety problem is not believed to be exploitable.
tags | tool, encryption
systems | linux, unix, openbsd
SHA-256 | e9baba7701a76a51f3d85a62c383a3c9dcd97fa900b859bc7db114c1868af8a8
OpenBSD 7.2 ip_srcroute() Overflow
Posted Mar 7, 2023
Authored by Erg Noor | Site github.com

OpenBSD version 7.2 suffers from an overflow vulnerability. ip_dooptions() will allow IPOPT_SSRR with optlen = 2. save_rte() will set isr_nhops to very large value, which will cause an overflow in the next ip_srcroute() call.

tags | exploit, overflow
systems | openbsd
SHA-256 | 6aea32da93ccffa7fa7a888b010cc9b2cd121b1c2b6e081ded5446c568530e66
OpenSSH 9.2p1
Posted Feb 2, 2023
Authored by Damien Miller | Site openssh.com

This is a Linux/portable port of OpenBSD's excellent OpenSSH. OpenSSH is based on the last free version of Tatu Ylonen's SSH with all patent-encumbered algorithms removed, all known security bugs fixed, new features reintroduced, and many other clean-ups.

Changes: This release contains fixes for two security problems and a memory safety problem. The memory safety problem is not believed to be exploitable, but they report most network-reachable memory faults as security bugs.
tags | tool, encryption
systems | linux, unix, openbsd
SHA-256 | 3f66dbf1655fb45f50e1c56da62ab01218c228807b21338d634ebcdf9d71cf46
OpenSSH 9.1p1
Posted Oct 4, 2022
Authored by Damien Miller | Site openssh.com

This is a Linux/portable port of OpenBSD's excellent OpenSSH. OpenSSH is based on the last free version of Tatu Ylonen's SSH with all patent-encumbered algorithms removed, all known security bugs fixed, new features reintroduced, and many other clean-ups.

Changes: This release is focused on bug fixing. This release contains fixes for three minor memory safety problems. The portable OpenSSH project now signs commits and release tags using git's recent SSH signature support. 8 new features noted.
tags | tool, encryption
systems | linux, unix, openbsd
SHA-256 | 19f85009c7e3e23787f0236fbb1578392ab4d4bf9f8ec5fe6bc1cd7e8bfdd288
OpenSSH 9.0p1
Posted Apr 8, 2022
Authored by Damien Miller | Site openssh.com

This is a Linux/portable port of OpenBSD's excellent OpenSSH. OpenSSH is based on the last free version of Tatu Ylonen's SSH with all patent-encumbered algorithms removed, all known security bugs fixed, new features reintroduced, and many other clean-ups.

Changes: This release is focused on bug fixing. This release switches scp(1) from using the legacy scp/rcp protocol to using the SFTP protocol by default. 6 bug fixes, 3 new features, and 7 portability updates.
tags | tool, encryption
systems | linux, unix, openbsd
SHA-256 | 03974302161e9ecce32153cfa10012f1e65c8f3750f573a73ab1befd5972a28a
OpenSSH 8.9p1
Posted Feb 23, 2022
Authored by Damien Miller | Site openssh.com

This is a Linux/portable port of OpenBSD's excellent OpenSSH. OpenSSH is based on the last free version of Tatu Ylonen's SSH with all patent-encumbered algorithms removed, all known security bugs fixed, new features reintroduced, and many other clean-ups.

Changes: Various minor bug fixes and improvements.
tags | tool, encryption
systems | linux, unix, openbsd
SHA-256 | fd497654b7ab1686dac672fb83dfb4ba4096e8b5ffcdaccd262380ae58bec5e7
OpenSSH 8.8p1
Posted Sep 27, 2021
Authored by Damien Miller | Site openssh.com

This is a Linux/portable port of OpenBSD's excellent OpenSSH. OpenSSH is based on the last free version of Tatu Ylonen's SSH with all patent-encumbered algorithms removed, all known security bugs fixed, new features reintroduced, and many other clean-ups.

Changes: Various minor bug fixes and improvements.
tags | tool, encryption
systems | linux, unix, openbsd
SHA-256 | 4590890ea9bb9ace4f71ae331785a3a5823232435161960ed5fc86588f331fe9
OpenSSH 8.7p1
Posted Aug 20, 2021
Authored by Damien Miller | Site openssh.com

This is a Linux/portable port of OpenBSD's excellent OpenSSH. OpenSSH is based on the last free version of Tatu Ylonen's SSH with all patent-encumbered algorithms removed, all known security bugs fixed, new features reintroduced, and many other clean-ups.

Changes: Fixed a race in pselect replacement code. Improved github test driver script. Various minor bug fixes.
tags | tool, encryption
systems | linux, unix, openbsd
SHA-256 | 7ca34b8bb24ae9e50f33792b7091b3841d7e1b440ff57bc9fabddf01e2ed1e24
OpenSSH 8.6p1
Posted Apr 19, 2021
Authored by Damien Miller | Site openssh.com

This is a Linux/portable port of OpenBSD's excellent OpenSSH. OpenSSH is based on the last free version of Tatu Ylonen's SSH with all patent-encumbered algorithms removed, all known security bugs fixed, new features reintroduced, and many other clean-ups.

Changes: Extensive amount of code clean ups and bug fixes have been applied.
tags | tool, encryption
systems | linux, unix, openbsd
SHA-256 | c3e6e4da1621762c850d03b47eed1e48dff4cc9608ddeb547202a234df8ed7ae
OpenSSH 8.5p1
Posted Mar 3, 2021
Authored by Damien Miller | Site openssh.com

This is a Linux/portable port of OpenBSD's excellent OpenSSH. OpenSSH is based on the last free version of Tatu Ylonen's SSH with all patent-encumbered algorithms removed, all known security bugs fixed, new features reintroduced, and many other clean-ups.

Changes: Double-free memory corruption issue fixed in ssh-agent. A mitigation was added to stop an overly long username going to PAM. Future deprecation updates provided and many other updates.
tags | tool, encryption
systems | linux, unix, openbsd
SHA-256 | f52f3f41d429aa9918e38cf200af225ccdd8e66f052da572870c89737646ec25
OpenSSH 8.4p1
Posted Sep 28, 2020
Authored by Damien Miller | Site openssh.com

This is a Linux/portable port of OpenBSD's excellent OpenSSH. OpenSSH is based on the last free version of Tatu Ylonen's SSH with all patent-encumbered algorithms removed, all known security bugs fixed, new features reintroduced, and many other clean-ups.

Changes: Future deprecations scoped and multiple updates.
tags | tool, encryption
systems | linux, unix, openbsd
SHA-256 | 5a01d22e407eb1c05ba8a8f7c654d388a13e9f226e4ed33bd38748dafa1d2b24
OpenSSH 8.3p1
Posted May 27, 2020
Authored by Damien Miller | Site openssh.com

This is a Linux/portable port of OpenBSD's excellent OpenSSH. OpenSSH is based on the last free version of Tatu Ylonen's SSH with all patent-encumbered algorithms removed, all known security bugs fixed, new features reintroduced, and many other clean-ups.

Changes: Deprecation of SHA-1 use. Various other bug fixes and updates.
tags | tool, encryption
systems | linux, unix, openbsd
SHA-256 | f2befbe0472fe7eb75d23340eb17531cb6b3aac24075e2066b41f814e12387b2
OpenSMTPD Out-Of-Bounds Read
Posted Feb 25, 2020
Authored by Qualys Security Advisory

Qualys discovered a vulnerability in OpenSMTPD, OpenBSD's mail server. This vulnerability, an out-of-bounds read introduced in December 2015, is exploitable remotely and leads to the execution of arbitrary shell commands.

tags | exploit, arbitrary, shell
systems | openbsd
advisories | CVE-2020-8794
SHA-256 | 2c58b82819510289b2fd55d1c6a82b81b279777abd6a6b0db391f990ec12b148
OpenSMTPD Local Information Disclosure
Posted Feb 25, 2020
Authored by Qualys Security Advisory

Qualys discovered a minor vulnerability in OpenSMTPD, OpenBSD's mail server. An unprivileged local attacker can read the first line of an arbitrary file (for example, root's password hash in /etc/master.passwd) or the entire contents of another user's file (if this file and /var/spool/smtpd/ are on the same filesystem). A proof of concept exploit is included in this archive.

tags | exploit, arbitrary, local, root, proof of concept
systems | openbsd
advisories | CVE-2020-8793
SHA-256 | 3617b8854e485e1d063e08764e96429e54c6b7bb0467d127e819133f80c925d5
OpenSSH 8.2p1
Posted Feb 17, 2020
Authored by Damien Miller | Site openssh.com

This is a Linux/portable port of OpenBSD's excellent OpenSSH. OpenSSH is based on the last free version of Tatu Ylonen's SSH with all patent-encumbered algorithms removed, all known security bugs fixed, new features reintroduced, and many other clean-ups.

Changes: SSHFP is now an RFC. Various other bug fixes and updates.
tags | tool, encryption
systems | linux, unix, openbsd
SHA-256 | 43925151e6cf6cee1450190c0e9af4dc36b41c12737619edff8bcebdff64e671
OpenSMTPD 6.6.1 Local Privilege Escalation
Posted Feb 11, 2020
Authored by Marco Ivaldi

smtp_mailaddr in smtp_session.c in OpenSMTPD 6.6, as used in OpenBSD 6.6 and other products, allows remote attackers to execute arbitrary commands as root via a crafted SMTP session, as demonstrated by shell meta-characters in a MAIL FROM field. This affects the "uncommented" default configuration. The issue exists because of an incorrect return value upon failure of input validation.

tags | exploit, remote, arbitrary, shell, root
systems | openbsd
advisories | CVE-2020-7247
SHA-256 | f42f9b3d984851bedec7966cba6c70991ad906a48462064b1ae90325c6aa112b
OpenBSD OpenSMTPD Privilege Escalation / Code Execution
Posted Jan 29, 2020
Authored by Qualys Security Advisory

Qualys discovered a vulnerability in OpenSMTPD, OpenBSD's mail server. This vulnerability is exploitable since May 2018 (commit a8e222352f, "switch smtpd to new grammar") and allows an attacker to execute arbitrary shell commands, as root.

tags | exploit, arbitrary, shell, root
systems | openbsd
advisories | CVE-2020-7247
SHA-256 | 9415f92980a964e9430ed555502126d19de735d2acfd5db27d83bb342e5a8b2c
Page 1 of 20
Back12345Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    44 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close